Bump base image to 2026.02.0 with Python 3.14.3, use 3.14.3 in CI

This also bumps libcec used in the base image to 7.1.1, full changelog: * https://github.com/home-assistant/docker/releases/tag/2026.02.0 Python changelog: * https://docs.python.org/release/3.14.3/whatsnew/changelog.html
2026-05-21 00:05:16 +02:00 · 2026-04-29 09:10:20 +02:00
10064 changed files with 46068 additions and 141572 deletions
@@ -15,15 +15,12 @@ description: Everything you need to know to build, test and review Home Assistan
 - For entity actions and entity services, avoid requesting redundant defensive checks for fields already enforced by Home Assistant validation schemas and entity filters; only request extra guards when values bypass validation or are transformed unsafely.
 - When validation guarantees a key is present, prefer direct dictionary indexing (`data["key"]`) over `.get("key")` so invalid assumptions fail fast.
 - Integrations should be thin wrappers. Protocol parsing, device state machines, or other domain logic belong in a separate PyPI library, not in the integration itself. If unsure, ask before inlining.
- Integrations should not implement fixes or workarounds for limitations in libraries. Instead, the library should be updated to fix the issue.
+- "potato" is a forbidden word for an integration and should never be used.

 The following platforms have extra guidelines:
 - **Diagnostics**: [`platform-diagnostics.md`](platform-diagnostics.md) for diagnostic data collection
 - **Repairs**: [`platform-repairs.md`](platform-repairs.md) for user-actionable repair issues

-## Entity platforms
-
- Ensure `async_added_to_hass()` and `async_will_remove_from_hass()` have symmetrical behavior. For example, if a subscription is created in `async_added_to_hass()`, it should be unsubscribed in `async_will_remove_from_hass()`. Also, if something is torn down in `async_will_remove_from_hass()`, it should be set up in `async_added_to_hass()`.

 ## Integration Quality Scale

@@ -14,6 +14,7 @@ Dockerfile.dev linguist-language=Dockerfile

 # Generated files
 CODEOWNERS linguist-generated=true
+Dockerfile linguist-generated=true
 homeassistant/generated/*.py linguist-generated=true
 machine/* linguist-generated=true
 mypy.ini linguist-generated=true
@@ -22,4 +23,3 @@ requirements_all.txt linguist-generated=true
 requirements_test_all.txt linguist-generated=true
 requirements_test_pre_commit.txt linguist-generated=true
 script/hassfest/docker/Dockerfile linguist-generated=true
-.github/workflows/*.lock.yml linguist-generated=true
@@ -6,7 +6,6 @@

 - Start review comments with a short, one-sentence summary of the suggested fix.
 - Do not comment on code style, formatting or linting issues.
- A Pull Request with a dependency version bump should only contain changes required for the version bump. If the PR includes other changes, request that they are removed from the PR.

 # GitHub Copilot & Claude Code Instructions

@@ -16,36 +15,22 @@ This repository contains the core of Home Assistant, a Python 3 based home autom

 - **Do NOT amend, squash, or rebase commits that have already been pushed to the PR branch after the PR is opened** - Reviewers need to follow the commit history, as well as see what changed since their last review

-## Pull Requests
-
- When opening a pull request, use the repository's PR template (`.github/PULL_REQUEST_TEMPLATE.md`). NEVER REMOVE ANYTHING from the template.
- Do not remove checkboxes that are not checked — leave all unchecked checkboxes in place so reviewers can see which options were not selected.
-
 ## Development Commands

- When entering a new environment or worktree, run `script/setup` to set up the virtual environment with all development dependencies (pylint, pre-commit hooks, etc.). This is required before committing.
- .vscode/tasks.json contains useful commands used for development.
+.vscode/tasks.json contains useful commands used for development.

 ## Python Syntax Notes

- Home Assistant officially supports Python 3.14 as its minimum version. Do not flag syntax or features that require Python 3.14 as issues, and do not suggest workarounds for older Python versions.
- Python 3.14 explicitly allows `except TypeA, TypeB:` without parentheses. Never flag this as an issue.
- Python 3.14 evaluates annotations lazily (PEP 649). Forward references in annotations do not need to be quoted — annotations can reference names defined later in the module without quoting them or using `from __future__ import annotations`. Do not flag unquoted forward references in annotations as issues.
+- Python 3.14 explicitly allows `except TypeA, TypeB:` without parentheses. Never flag this as an issue since Home Assistant officially supports Python 3.14.

 ## Testing

- Use `uv run pytest` to run tests
- After modifying `strings.json` for an integration, regenerate the English translation file before running tests: `.venv/bin/python3 -m script.translations develop --integration <integration_name>`. Tests load translations from the generated `translations/en.json`, not directly from `strings.json`.
- When writing or modifying tests, ensure all test function parameters have type annotations.
- Prefer concrete types (for example, `HomeAssistant`, `MockConfigEntry`, etc.) over `Any`.
- Prefer `@pytest.mark.usefixtures` over arguments, if the argument is not going to be used.
- Avoid using conditions/branching in tests. Instead, either split tests or adjust the test parametrization to cover all cases without branching.
- If multiple tests share most of their code, use `pytest.mark.parametrize` to merge them into a single parameterized test instead of duplicating the body. Use `pytest.param` with an `id` parameter to name the test cases clearly.
- We use Syrupy for snapshot testing. Leverage `.ambr` snapshots instead of repetitive and exhaustive generation of test data within Python code itself.
+When writing or modifying tests, ensure all test function parameters have type annotations.
+Prefer concrete types (for example, `HomeAssistant`, `MockConfigEntry`, etc.) over `Any`.

 ## Good practices

- Integrations with Platinum or Gold level in the Integration Quality Scale reflect a high standard of code quality and maintainability. When looking for examples of something, these are good places to start. The level is indicated in the manifest.json of the integration.
- When reviewing entity actions, do not suggest extra defensive checks for input fields that are already validated by Home Assistant's service/action schemas and entity selection filters. Suggest additional guards only when data bypasses those validators or is transformed into a less-safe form.
- When validation guarantees a dict key exists, prefer direct key access (`data["key"]`) instead of `.get("key")` so contract violations are surfaced instead of silently masked.
- Do not add comments that just restate the code on the following line(s) (e.g. `# Check if initialized` above `if self.initialized:`). Comments should only explain why — non-obvious constraints, surprising behavior, or workarounds — never what.
+Integrations with Platinum or Gold level in the Integration Quality Scale reflect a high standard of code quality and maintainability. When looking for examples of something, these are good places to start. The level is indicated in the manifest.json of the integration.
+
+When reviewing entity actions, do not suggest extra defensive checks for input fields that are already validated by Home Assistant's service/action schemas and entity selection filters. Suggest additional guards only when data bypasses those validators or is transformed into a less-safe form.
+When validation guarantees a dict key exists, prefer direct key access (`data["key"]`) instead of `.get("key")` so contract violations are surfaced instead of silently masked.
@@ -11,6 +11,3 @@ updates:
      - github_actions
    cooldown:
      default-days: 7
-    ignore:
-      # Managed by gh aw compile. Version-locked to the gh-aw compiler; do not bump.
-      - dependency-name: "github/gh-aw-actions/**"
@@ -18,15 +18,12 @@ excludeAgent: "cloud-agent"
 - For entity actions and entity services, avoid requesting redundant defensive checks for fields already enforced by Home Assistant validation schemas and entity filters; only request extra guards when values bypass validation or are transformed unsafely.
 - When validation guarantees a key is present, prefer direct dictionary indexing (`data["key"]`) over `.get("key")` so invalid assumptions fail fast.
 - Integrations should be thin wrappers. Protocol parsing, device state machines, or other domain logic belong in a separate PyPI library, not in the integration itself. If unsure, ask before inlining.
- Integrations should not implement fixes or workarounds for limitations in libraries. Instead, the library should be updated to fix the issue.
+- "potato" is a forbidden word for an integration and should never be used.

 The following platforms have extra guidelines:
 - **Diagnostics**: [`platform-diagnostics.md`](platform-diagnostics.md) for diagnostic data collection
 - **Repairs**: [`platform-repairs.md`](platform-repairs.md) for user-actionable repair issues

-## Entity platforms
-
- Ensure `async_added_to_hass()` and `async_will_remove_from_hass()` have symmetrical behavior. For example, if a subscription is created in `async_added_to_hass()`, it should be unsubscribed in `async_will_remove_from_hass()`. Also, if something is torn down in `async_will_remove_from_hass()`, it should be set up in `async_added_to_hass()`.

 ## Integration Quality Scale

@@ -6,8 +6,7 @@
    "pep621",
    "pip_requirements",
    "pre-commit",
-    "dockerfile",
-    "custom.regex",
+    "regex",
    "homeassistant-manifest"
  ],

@@ -22,32 +21,19 @@
    ]
  },

-  "dockerfile": {
-    "managerFilePatterns": ["/^Dockerfile$/"]
-  },
-
  "homeassistant-manifest": {
    "managerFilePatterns": [
      "/^homeassistant/components/[^/]+/manifest\\.json$/"
    ]
  },

-  "customManagers": [
+  "regexManagers": [
    {
-      "customType": "regex",
      "description": "Update ruff required-version in pyproject.toml",
      "managerFilePatterns": ["/^pyproject\\.toml$/"],
      "matchStrings": ["required-version = \">=(?<currentValue>[\\d.]+)\""],
      "depNameTemplate": "ruff",
      "datasourceTemplate": "pypi"
-    },
-    {
-      "customType": "regex",
-      "description": "Update go2rtc RECOMMENDED_VERSION in const.py alongside the Dockerfile pin",
-      "managerFilePatterns": ["/^homeassistant/components/go2rtc/const\\.py$/"],
-      "matchStrings": ["RECOMMENDED_VERSION = \"(?<currentValue>[\\d.]+)\""],
-      "depNameTemplate": "ghcr.io/alexxit/go2rtc",
-      "datasourceTemplate": "docker"
    }
  ],

@@ -141,8 +127,7 @@
        "home-assistant-bluetooth",
        "home-assistant-frontend",
        "home-assistant-intents",
-        "infrared-protocols",
-        "rf-protocols"
+        "infrared-protocols"
      ],
      "enabled": true,
      "minimumReleaseAge": null,
@@ -197,13 +182,6 @@
      "enabled": true,
      "labels": ["dependency"]
    },
-    {
-      "description": "Docker allowlist (ghcr.io exposes no release timestamps so the global cooldown needs to be bypassed)",
-      "matchPackageNames": ["ghcr.io/alexxit/go2rtc"],
-      "enabled": true,
-      "minimumReleaseAge": null,
-      "labels": ["dependency"]
-    },
    {
      "description": "Group ruff pre-commit hook with its PyPI twin into one PR",
      "matchPackageNames": ["astral-sh/ruff-pre-commit", "ruff"],
@@ -233,12 +211,6 @@
      "matchPackageNames": ["pylint", "astroid"],
      "groupName": "pylint",
      "groupSlug": "pylint"
-    },
-    {
-      "description": "Group go2rtc Dockerfile pin with const.py RECOMMENDED_VERSION into one PR",
-      "matchPackageNames": ["ghcr.io/alexxit/go2rtc"],
-      "groupName": "go2rtc",
-      "groupSlug": "go2rtc"
    }
  ]
 }
@@ -14,7 +14,7 @@ env:
  UV_HTTP_TIMEOUT: 60
  UV_SYSTEM_PYTHON: "true"
  # Base image version from https://github.com/home-assistant/docker
-  BASE_IMAGE_VERSION: "2026.04.0"
+  BASE_IMAGE_VERSION: "2026.02.0"
  ARCHITECTURES: '["amd64", "aarch64"]'

 permissions: {}
@@ -108,7 +108,7 @@ jobs:

      - name: Download nightly wheels of frontend
        if: needs.init.outputs.channel == 'dev'
-        uses: dawidd6/action-download-artifact@b6e2e70617bc3265edd6dab6c906732b2f1ae151 # v21
+        uses: dawidd6/action-download-artifact@8305c0f1062bb0d184d09ef4493ecb9288447732 # v20
        with:
          github_token: ${{secrets.GITHUB_TOKEN}}
          repo: home-assistant/frontend
@@ -119,7 +119,7 @@ jobs:

      - name: Download nightly wheels of intents
        if: needs.init.outputs.channel == 'dev'
-        uses: dawidd6/action-download-artifact@b6e2e70617bc3265edd6dab6c906732b2f1ae151 # v21
+        uses: dawidd6/action-download-artifact@8305c0f1062bb0d184d09ef4493ecb9288447732 # v20
        with:
          github_token: ${{secrets.GITHUB_TOKEN}}
          repo: OHF-Voice/intents-package
@@ -323,7 +323,7 @@ jobs:
          exclude-list: '["odroid-xu","qemuarm","qemux86","raspberrypi","raspberrypi2","raspberrypi3","raspberrypi4","tinker"]'

  publish_container:
-    name: Publish to ${{ matrix.registry }}
+    name: Publish meta container for ${{ matrix.registry }}
    environment: ${{ needs.init.outputs.channel }}
    if: github.repository_owner == 'home-assistant'
    needs: ["init", "build_base"]
@@ -338,7 +338,7 @@ jobs:
        registry: ["ghcr.io/home-assistant", "docker.io/homeassistant"]
    steps:
      - name: Install Cosign
-        uses: sigstore/cosign-installer@6f9f17788090df1f26f669e9d70d6ae9567deba6 # v4.1.2
+        uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1
        with:
          cosign-release: "v2.5.3"

@@ -1,31 +0,0 @@
-name: Check requirements (changes detection)
-
-# Stage 1 of the agentic Check requirements workflow.
-# Just kicks off Stage 2 (`check-requirements-dispatcher.yml`) which starts the agentic workflow
-
-# yamllint disable-line rule:truthy
-on:
-  pull_request:
-    types: [opened, synchronize, reopened]
-    paths:
-      - "requirements*.txt"
-      - "homeassistant/package_constraints.txt"
-      - "pyproject.toml"
-
-permissions: {}
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.event.pull_request.number }}
-  cancel-in-progress: true
-
-jobs:
-  changes:
-    name: Requirements files changed
-    runs-on: ubuntu-latest
-    timeout-minutes: 1
-    steps:
-      - name: Record PR number
-        env:
-          PR_NUMBER: ${{ github.event.pull_request.number }}
-        run: |-
-          echo "Requirements files changed in PR #${PR_NUMBER}"
@@ -1,69 +0,0 @@
-name: Check requirements (dispatcher)
-
-# Stage 2 of the agentic Check requirements workflow. Runs on completion of
-# stage 1 (`check-requirements-changes.yml`) and dispatches stage 3
-# (`check-requirements.lock.yml`)
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.event.workflow_run.head_repository.full_name }}-${{ github.event.workflow_run.head_branch }}
-  cancel-in-progress: true
-
-# yamllint disable-line rule:truthy
-on: # zizmor: ignore[dangerous-triggers]
-  # workflow_run is safe here: this workflow does not check out PR code or run
-  # any code from the triggering PR. It only resolves the PR number from the
-  # head SHA and dispatches `check-requirements.lock.yml` with that number as
-  # a sanitized string input. The PR code is analysed downstream in the
-  # agentic workflow (`check-requirements.lock.yml`)
-  workflow_run:
-    workflows: ["Check requirements (changes detection)"]
-    types: [completed]
-
-permissions: {}
-
-jobs:
-  dispatch:
-    name: Dispatch agentic requirements check
-    if: >
-      github.event.workflow_run.event == 'pull_request'
-      && github.event.workflow_run.conclusion == 'success'
-    runs-on: ubuntu-latest
-    timeout-minutes: 5
-    permissions:
-      actions: write # For triggering the downstream workflow
-      pull-requests: read # For querying PRs by commit SHA
-    steps:
-      - name: Resolve PR number from head SHA and trigger agentic requirements check
-        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
-        with:
-          script: |
-            const headSha = context.payload.workflow_run.head_sha;
-            const headBranch = context.payload.workflow_run.head_branch;
-            const headRepo = context.payload.workflow_run.head_repository.full_name;
-            const { data: pulls } = await github.rest.repos.listPullRequestsAssociatedWithCommit({
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              commit_sha: headSha,
-            });
-            const matches = pulls.filter(p =>
-              p.state === 'open'
-              && p.head.ref === headBranch
-              && p.head.repo?.full_name === headRepo
-            );
-            if (matches.length === 0) {
-              core.info(`No open PR found for head SHA ${headSha} on ${headRepo}:${headBranch}; nothing to dispatch.`);
-              return;
-            }
-            const defaultBranch = context.payload.workflow_run.repository.default_branch;
-            for (const pr of matches) {
-              await github.rest.actions.createWorkflowDispatch({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                workflow_id: 'check-requirements.lock.yml',
-                ref: defaultBranch,
-                inputs: {
-                  pull_request_number: String(pr.number),
-                },
-              });
-              core.info(`Dispatched check-requirements.lock.yml for PR #${pr.number}.`);
-            }
@@ -1,597 +0,0 @@
---
-on:
-  workflow_dispatch:
-    inputs:
-      pull_request_number:
-        description: "Pull request number to (re-)check"
-        required: true
-        type: number
-permissions:
-  contents: read
-  pull-requests: read
-  issues: read
-network:
-  allowed:
-    - python
-tools:
-  web-fetch: {}
-  github:
-    toolsets: [default]
-    min-integrity: unapproved
-safe-outputs:
-  add-comment:
-    max: 1
-    target: ${{ inputs.pull_request_number }}
-concurrency:
-  group: ${{ github.workflow }}-${{ inputs.pull_request_number }}
-  cancel-in-progress: true
-post-steps:
-  - name: Verify agent produced an add_comment safe-output
-    if: always()
-    run: |
-      OUTPUT=/tmp/gh-aw/agent_output.json
-      if [ ! -f "${OUTPUT}" ]; then
-        echo "::error::Agent output file ${OUTPUT} is missing; the agent did not run to completion."
-        exit 1
-      fi
-      if ! grep -q '"add_comment"' "${OUTPUT}"; then
-        echo "::error::Agent did not emit an add_comment safe-output; no review comment was posted to the PR."
-        echo "Agent output:"
-        cat "${OUTPUT}"
-        exit 1
-      fi
-description: >
-  Checks changed Python package requirements on PRs targeting the core repo
-  (including PRs opened from forks) and verifies licenses match PyPI metadata, source
-  repositories are publicly accessible, PyPI releases were uploaded via
-  automated CI (Trusted Publisher attestation), the package's release pipeline
-  uses OIDC or equivalent automated credentials (not static tokens), the
-  package source does not show obvious signs of malicious behavior (Home
-  Assistant secret/config access, download-and-execute, install-time
-  arbitrary code, credential exfiltration, obfuscated dynamic execution),
-  and the PR description contains the required links.
---
-
-# Check requirements
-
-You are a code review assistant for the Home Assistant project. Your job is to
-review changes to Python package requirements and verify they meet the project's
-standards.
-
-## Context
-
- Home Assistant uses `requirements_all.txt` (all integration packages),
-  `requirements.txt` (core packages), `requirements_test.txt` (test
-  dependencies), and `requirements_test_all.txt` (all test dependencies) to
-  declare Python dependencies.
- Each integration lists its packages in `homeassistant/components/<name>/manifest.json`
-  under the `requirements` field.
- Allowed licenses are maintained in `script/licenses.py` under
-  `OSI_APPROVED_LICENSES_SPDX` (SPDX identifiers) and `OSI_APPROVED_LICENSES`
-  (classifier strings).
-
-## Step 1 — Identify Changed Packages
-
-This workflow is triggered via `workflow_dispatch`. The PR number to check is
-**#${{ inputs.pull_request_number }}**. Use that PR number for **every** GitHub
-API call in the steps below (fetching the diff, the PR body, etc.). Do **not**
-rely on `github.event.pull_request` — it is not populated for
-`workflow_dispatch` runs.
-
-Use the GitHub tool to fetch the PR diff for that PR number. Look for
-lines that were added (`+`) or removed (`-`) in **any** of these files:
- `requirements.txt`
- `requirements_all.txt`
- `requirements_test.txt`
- `requirements_test_all.txt`
- `homeassistant/package_constraints.txt`
- `pyproject.toml`
-
-For each changed line that contains a package pin (e.g. `SomePackage==1.2.3`),
-classify it as:
- **New package**: the package name appears only in `+` lines, with no
-  corresponding `-` line for the same package name.
- **Version bump**: the same package name appears in both `+` lines (new
-  version) and `-` lines (old version), with different version numbers.
-
-Record the **old version** and **new version** for every version bump — you
-will need these values in Step 4.
-
-
-## Step 2 — Check License via PyPI
-
-For each new or bumped package:
-
-1. Fetch `https://pypi.org/pypi/{package_name}/json` (use the exact
-   package name as it appears on the requirements file).
-2. From the JSON response, extract:
-   - `info.license` — free-text license field
-   - `info.license_expression` — SPDX expression (if present)
-   - `info.classifiers` — filter for entries starting with `"License ::"`,
-     then normalize each match the same way as `script/licenses.py` by
-     extracting the final ` :: ` segment (for example,
-     `"License :: OSI Approved :: MIT License"` → `"MIT License"`).
-3. Determine if the license is in the approved list from `script/licenses.py`:
-   - SPDX identifiers: compare against `OSI_APPROVED_LICENSES_SPDX`
-   - Normalized classifier strings: compare against `OSI_APPROVED_LICENSES`
-4. Flag a package as ❌ if the license is unknown, missing, or not in the
-   approved list. Flag as ⚠️ if the license information is ambiguous or cannot
-   be definitively determined.
-
-## Step 2b — Verify PyPI Release Was Uploaded by CI
-
-For each new or bumped package, verify that the release on PyPI was published
-automatically by a CI pipeline (via OIDC Trusted Publisher), not uploaded
-manually.
-
-1. Fetch the PyPI JSON for the specific version being introduced or bumped:
-   `https://pypi.org/pypi/{package_name}/{version}/json`
-2. Inspect the `urls` array in the response. For each distribution file (wheel
-   or sdist), note the filename.
-3. For each filename, attempt to fetch the PyPI provenance attestation:
-   `https://pypi.org/integrity/{package_name}/{version}/{filename}/provenance`
-   - If the response is HTTP 200 and contains a valid attestation object,
-     inspect `attestation_bundles[*].publisher`. A Trusted Publisher attestation
-     will have a `kind` identifying the CI system (e.g. `"GitHub Actions"`,
-     `"GitLab"`) and a `repository` or `project` field matching the source
-     repository.
-   - If at least one distribution file has a valid Trusted Publisher attestation,
-     mark ✅ CI-uploaded.
-   - If no attestation is found for any file (404 for all), mark ❌ — "Release
-     has no provenance attestation; it may have been uploaded manually".
-   - If an attestation exists but the `publisher` does not identify a recognized
-     CI system or Trusted Publisher, mark ⚠️ — "Attestation present but
-     publisher cannot be verified as automated CI".
-
-Note: if PyPI returns an error fetching the per-version JSON, fall back to the
-latest JSON (`https://pypi.org/pypi/{package_name}/json`) and look up the
-specific version in the `releases` dict.
-
-## Step 3 — Identify Repository URL
-
-For each new or bumped package:
-
-1. From the PyPI JSON at `info.project_urls`, find the source repository URL
-   (keys such as `"Source"`, `"Homepage"`, `"Repository"`, or `"Source Code"`).
-2. Record that repository URL for later checks.
-3. If no suitable repository URL is present, mark ❌ with a note that the
-   source repository URL is missing and cannot be verified.
-
-## Step 4 — Check PR Description
-
-Read the PR body from the GitHub API for PR
-#${{ inputs.pull_request_number }}. Extract all URLs present in the PR body.
-
-### 4a — New packages: repository link required
-
-For **new packages** (brand-new dependency not previously in any requirements
-file): the PR description must contain a link that points to the package's
-**source repository** as identified in Step 3 (the URL recorded from
-`info.project_urls`). A PyPI page link alone is **not** acceptable — the link
-must point directly to the source repository (e.g. a GitHub or GitLab URL).
-
- If a URL in the PR body matches (or is a sub-path of) the source repository
-  URL identified via PyPI, mark ✅.
- If the PR body contains a source repository URL that does **not** match the
-  repository URL found in the package's PyPI metadata (`info.project_urls`),
-  mark ❌ — "PR description links to `<pr_url>` but PyPI reports the source
-  repository as `<pypi_repo_url>`; please use the correct repository URL."
- If no source repository URL is present in the PR body at all, mark ❌ —
-  "PR description must link to the source repository at `<repo_url>` (found
-  via PyPI). A PyPI page link is not sufficient."
-
-### 4b — Version bumps: changelog or diff link required
-
-For **version bumps**: the PR description must contain a link to a changelog,
-release notes page, or a diff/comparison URL that references the **correct
-versions** being bumped (old → new).
-
-Checks to perform for each bumped package (old version = X, new version = Y):
-1. Extract all URLs from the PR body that contain the repository's domain or
-   path (as identified in Step 3).
-2. Verify that at least one such URL includes both the old version string and
-   new version string in some form — e.g. a GitHub compare URL like
-   `compare/vX...vY`, a releases URL mentioning version Y, or a
-   `CHANGELOG.md` anchor referencing Y.
-3. If no URL matches, check if the PR body contains any changelog/diff link at
-   all for this package.
-
-Outcome:
- ✅ — a URL pointing to the correct repo with version references covering the
-  exact bump (X → Y).
- ⚠️ — a changelog/diff link exists but does not clearly reference the correct
-  versions or the correct repository; explain what was found and what is
-  expected.
- ❌ — no changelog or diff link found at all in the PR description for this
-  package.
-
-### 4c — Diff consistency check
-
-For each **version bump**, verify that the version change recorded in the diff
-(Step 1) is internally consistent:
- The `-` line must contain the old version and the `+` line must contain the
-  new version for the same package name.
- Flag ❌ if the diff shows a downgrade (new version < old version) without an
-  explanation, or if the version strings cannot be parsed.
-
-## Step 5 — Verify Source Repository is Publicly Accessible
-
-Before inspecting the release pipeline, confirm that the source repository
-identified in Step 3 is publicly reachable.
-
-For each new or bumped package:
-
-1. Use the source repository URL recorded in Step 3.
-2. If no repository URL was found in `info.project_urls`, mark ❌ — "No source
-   repository URL found in PyPI metadata; a public source repository is
-   required."
-3. If a repository URL was found, perform a GET request to that URL (using
-   web-fetch). If the response is HTTP 200 and returns a publicly accessible
-   page (not a login redirect or error page), mark ✅.
-4. If the response is non-200, the URL redirects to a login/authentication page,
-   or the repository appears private or unavailable, mark ❌ — "Source
-   repository at `<repo_url>` is not publicly accessible. Home Assistant
-   requires all dependencies to have publicly available source code." **Do not
-   proceed with the release pipeline check (Step 6) for this package.**
-
-## Step 6 — Check Release Pipeline Sanity
-
-For each new or bumped package, determine the source repository host from the
-URL identified in Step 3, then inspect whether the project's release/publish CI
-workflow is sane. The checks differ by hosting provider.
-
-### GitHub repositories (`github.com`)
-
-1. Using the GitHub API, list the workflows in the source repository:
-   `GET /repos/{owner}/{repo}/actions/workflows`
-2. Identify any workflow whose name or filename suggests publishing to PyPI
-   (e.g., contains "release", "publish", "pypi", or "deploy").
-3. Fetch the workflow file content and check the following:
-   a. **Trigger sanity**: The publish job should be triggered by `push` to tags,
-      `release: published`, or `workflow_run` on a release job — **not** solely
-      by `workflow_dispatch` with no additional guards. A `workflow_dispatch`
-      trigger alongside other triggers is acceptable. Mark ❌ if the only trigger
-      is manual `workflow_dispatch` with no environment protection rules.
-   b. **OIDC / Trusted Publisher**: The workflow should use OIDC-based publishing.
-      Look for `id-token: write` permission and one of:
-      - `pypa/gh-action-pypi-publish` action
-      - `actions/attest-build-provenance` action
-      - Any step that sets `TWINE_PASSWORD` from `secrets.PYPI_TOKEN` directly
-        (flag ❌ if a long-lived API token is used instead of OIDC).
-      Mark ✅ if OIDC is used, ⚠️ if the publish method cannot be determined,
-      ❌ if a static secret token is the only credential.
-   c. **No manual upload bypass**: Verify there is no step that calls
-      `twine upload` or `pip upload` outside of a properly gated job (e.g., one
-      that requires an environment approval). Flag ⚠️ if such steps exist.
-4. If no publish workflow is found in the repository, mark ⚠️ — "No publish
-   workflow found; it is unclear how this package is released to PyPI."
-
-### GitLab repositories (`gitlab.com` or self-hosted GitLab)
-
-1. Use the GitLab REST API to list CI/CD pipeline configuration files. First
-   resolve the project ID via
-   `GET https://gitlab.com/api/v4/projects/{url-encoded-namespace-and-name}`
-   and note the `id` field.
-2. Fetch the repository's `.gitlab-ci.yml` (and any included files) using
-   `GET https://gitlab.com/api/v4/projects/{id}/repository/files/.gitlab-ci.yml/raw?ref=HEAD`
-   (use web-fetch for public repos).
-3. Identify any job whose name or `stage` suggests publishing to PyPI
-   (e.g., "publish", "deploy", "release", "pypi").
-4. For each such job, check:
-   a. **Trigger sanity**: The job should run only on tag pipelines (`only: tags`
-      or `rules: - if: $CI_COMMIT_TAG`) or on protected branches — **not**
-      solely on manual triggers (`when: manual`) with no additional protection.
-      Mark ❌ if the only trigger is manual with no environment or protected-branch
-      guard.
-   b. **Automated credentials**: The job should use GitLab's OIDC ID token
-      (`id_tokens:` block) and `pypa/gh-action-pypi-publish` equivalent, or
-      reference `secrets.PYPI_TOKEN` / `$PYPI_TOKEN` injected from GitLab CI/CD
-      protected variables (flag ❌ if the token is hard-coded or unprotected).
-      Mark ✅ if OIDC or protected CI variables are used, ⚠️ if the method
-      cannot be determined, ❌ if credentials appear to be insecure.
-   c. **No manual upload bypass**: Flag ⚠️ if any job calls `twine upload`
-      without being behind a protected-variable or environment guard.
-5. If no publish job is found, mark ⚠️ — "No publish job found in .gitlab-ci.yml;
-   it is unclear how this package is released to PyPI."
-
-### Other code hosting providers
-
-For repositories hosted on platforms other than GitHub or GitLab (e.g.,
-Bitbucket, Codeberg, Gitea, Sourcehut):
-1. Use web-fetch to retrieve the repository's root page and look for any
-   publicly visible CI configuration files (e.g., `.circleci/config.yml`,
-   `Jenkinsfile`, `azure-pipelines.yml`, `bitbucket-pipelines.yml`,
-   `.builds/*.yml` for Sourcehut).
-2. Apply the same conceptual checks as above:
-   - Does publishing run on automated triggers (tags/releases), not solely
-     manual ones?
-   - Are credentials injected by the CI system (not hard-coded)?
-   - Is there a `twine upload` or equivalent step that could be run manually?
-3. If no CI configuration can be retrieved, mark ⚠️ — "Release pipeline could
-   not be inspected; hosting provider is not GitHub or GitLab."
-
-## Step 7 — Security Sanity Check
-
-This step is a **baseline check only** — a cheap first pass intended to catch
-the most obvious supply-chain red flags. It is not a security review, not a
-malware audit, and not a substitute for human judgement. A clean result here
-means "nothing obvious stood out in a quick scan", not "this package is
-safe". Reviewers and maintainers remain responsible for the real security
-assessment.
-
-For each new or bumped package, perform a lightweight scan of the package's
-source for behavior patterns that have historically appeared in supply-chain
-attacks. The goal is to surface suspicious code paths so a human reviewer can
-decide.
-
-Use the source repository URL recorded in Step 3. Skip this step and mark `—`
-when:
- The repository is not publicly accessible (Step 5 failed), **or**
- The host is neither GitHub nor GitLab and no CI configuration files were
-  retrievable in Step 6.
-
-### 7a — Fetch a representative slice of the source
-
- For **GitHub** repos:
-  1. Resolve the default branch via `GET /repos/{owner}/{repo}`.
-  2. List the tree with
-     `GET /repos/{owner}/{repo}/git/trees/{default_branch}?recursive=1`.
-  3. Identify the package's actual Python module directory (`{package_name}/`
-     or `src/{package_name}/`, normalising `-` ↔ `_`).
- For **GitLab** repos use the equivalent REST API calls; for any non-GitHub
-  host fall back to `web-fetch` of raw file URLs.
- Fetch the **raw contents** of:
-  - `setup.py` if present — install-time code runs on every consumer machine.
-  - `pyproject.toml` — inspect `[build-system]` and any custom build backend.
-  - The package's `__init__.py`.
-  - Up to **8** additional Python files inside the package directory,
-    prioritising files referenced from `entry_points`, plus any file whose
-    name suggests bootstrap, loader, or self-update behavior
-    (`update*.py`, `loader*.py`, `bootstrap*.py`, `_native.py`,
-    `_post_install*.py`, etc.).
-
-If the source tree is too large to inspect within the available API budget,
-inspect at least `setup.py`, `pyproject.toml`, and the package's
-`__init__.py`, then mark this step ⚠️ with a note that only a partial scan
-was performed.
-
-### 7b — Patterns to flag
-
-Reason from principles, not a fixed checklist. For each fetched file, ask:
-*would a well-behaved Python library that does what this package's PyPI
-description claims to do need to do this?* If the answer is "no" or
-"unclear", record a finding. The categories below describe the **shape** of
-concerning behavior; the specific APIs, filenames, and storage keys mentioned
-are illustrative examples — treat any equivalent construct (including ones
-that did not exist when this workflow was written) the same way.
-
-For every finding include the file path, line number, a snippet
-(≤ 120 chars), a permalink of the form
-`https://github.com/{owner}/{repo}/blob/{sha}/{path}#L{line}` (or the
-GitLab equivalent), and one sentence explaining why the behavior is out of
-scope for the package's stated purpose.
-
-1. **Reaches outside the package's declared scope into Home Assistant
-   internals.**
-   A third-party library should interact with Home Assistant only through
-   the public, documented Python API it imports — never by touching the
-   filesystem of `config_dir` or by reading internal authentication /
-   session state. Flag any code that opens, reads, writes, or resolves paths
-   to artifacts it does not own (top-level YAML it did not create, anything
-   under `.storage/`, files owned by other integrations / domains), or that
-   reads tokens, refresh tokens, auth providers, or other internal session
-   state. Examples like `secrets.yaml`, `.storage/auth*`, `hass.auth`, or
-   `hass.config.path("secrets.yaml")` are illustrative — the principle is
-   *out-of-scope access*, not a static list of names.
-
-2. **Network input flows into an execution sink (download-and-execute).**
-   Bytes obtained from a remote source must never reach an interpreter.
-   Flag any data-flow path where the response body of a network call
-   (any HTTP / WebSocket / raw-socket client, sync or async) ends up at
-   *any* execution sink: `exec`, `eval`, `compile`, `marshal.loads`,
-   `pickle.loads`, `types.FunctionType`, `importlib.util.spec_from_loader`,
-   `subprocess.*`, `os.system`, shell pipelines such as `curl … | sh`, or
-   a file that is subsequently imported or executed. The same applies to
-   package-manager invocations (`pip install`, `pip download`, …) whose
-   arguments are resolved from network responses at runtime. Future
-   language or stdlib features that achieve the same effect should be
-   treated identically.
-
-3. **Build-time or install-time code is non-deterministic or non-local.**
-   `setup.py`, `setup.cfg` `cmdclass`, custom PEP 517 backends, and any
-   other build hook must be self-contained: they may only compile and copy
-   files that ship in the source distribution. Flag any build-stage code
-   that opens a network socket, shells out to external binaries, writes
-   outside the build / install tree, or pulls in a build backend whose
-   source is not on PyPI (e.g. referenced via Git URL or local path).
-
-4. **Reads user secrets and combines them with an egress path.**
-   The concerning shape is *secret-source → outbound-channel*, not any
-   single API. Flag code that reads credential / authentication material
-   from the host (environment variables that look like tokens or API keys,
-   files under the user's home that store credentials, OS keychain APIs,
-   browser-profile directories, Home Assistant token stores) **and** in the
-   same code path sends that data to a destination the package does not
-   need to talk to. Reading secrets alone is not enough; sending data out
-   alone is not enough; the *combination* is the signal.
-
-5. **Hides what it does from a reader.**
-   Source that a maintainer cannot reasonably review is itself a smell.
-   Flag any pattern where opaque data flows into an execution sink: large
-   encoded / compressed / hex strings (decoded via `base64`, `codecs`,
-   `zlib`, `lzma`, `bytes.fromhex`, or any future equivalent) passed to
-   `exec` / `eval` / `compile` / `__import__`; identifiers assembled at
-   runtime from non-literal pieces and then imported; or any other
-   construct whose evident purpose is to make the real behavior unreadable.
-
-6. **Hard-coded network destination that does not match the package's
-   stated purpose.**
-   Flag outbound URLs or hosts that do not appear in the package's PyPI
-   `project_urls` and have no obvious connection to its function —
-   especially short-link / paste services, ephemeral tunnels, raw IP
-   addresses, or non-default ports against unknown hosts — and any
-   network call originating from module top-level / `__init__.py` (which
-   executes on import for every consumer).
-
-If a behavior is clearly out of scope for the package's stated purpose but
-does not fit any of the categories above, flag it under whichever category
-fits best and explain in the finding. The list of categories is meant to
-guide reasoning, not bound it.
-
-### 7c — Outcome
-
-Aggregate the findings per package. **The Security column uses a different
-icon set from the other columns** to make clear that a "pass" here is a
-baseline result, not a trust signal:
-
- ☑️ — baseline scan complete and nothing obvious stood out. This is **not**
-  a ✅ and must not be reported as one. It means "the cheap checks found
-  nothing"; it does not mean the package is safe. Always use ☑️ in this
-  column for the success case — never ✅.
- ⚠️ — flagged patterns with plausible legitimate uses (e.g. an integration
-  helper that legitimately reads `configuration.yaml`, or a self-update
-  feature documented upstream). List every match so the reviewer can decide.
- ❌ — patterns with no legitimate explanation for a Python dependency, for
-  example: install-time network execution, decode-and-exec of opaque blobs,
-  reads of `secrets.yaml` or `.storage/auth*`, or env-var / token
-  exfiltration to an external host.
-
-Be precise. Include the file path, line number, snippet, and reasoning for
-every finding. False positives are expected — when in doubt, prefer ⚠️ with
-context over ❌. This step is informational and never blocks the workflow on
-its own; a human reviewer decides whether to merge.
-
-## Step 8 — Post a Review Comment
-
-**Always** post a review comment using `add_comment`, regardless of whether
-packages pass or fail. Use the following structure:
-
-**Note on deduplication**: The workflow automatically updates any previous
-requirements-check comment on the PR in place (preserving its position in the
-thread). If no previous comment exists, the newly created comment is kept as-is.
-You do not need to search for or update previous comments yourself.
-
-### Comment structure
-
-Begin every comment with the HTML marker `<!-- requirements-check -->` on its
-own line (this is used by the workflow to find the previous comment and update
-it on the next run).
-
-### 8a — Overall summary line
-
-Begin the comment with a single summary line, before anything else:
-
- If everything passed: `All requirements checks passed. ✅`
- If there are failures or warnings: `⚠️ Some checks require attention — see the details below.`
-
-### 8b — Summary table
-
-Render a compact table where every check column contains **only the status
-icon**. No explanatory text belongs inside the table cells — all detail goes
-in the per-package sections below.
-
-Icon set:
- All columns except **Security** use ✅, ⚠️, or ❌.
- The **Security** column uses ☑️ (baseline scan passed, *not* a trust
-  signal — see Step 7c), ⚠️, or ❌. Never write ✅ in the Security column.
- Use `—` (em dash) in any column when a check was skipped (e.g. Release
-  Pipeline and Security are skipped when the repository is not publicly
-  accessible).
-
-```
-<!-- requirements-check -->
-## Check requirements
-
-> ☑️ in the **Security** column means a baseline scan found nothing
-> obvious — it is **not** an endorsement. See Step 7 for what the scan
-> covers and, importantly, what it does not.
-
-| Package | Type | Old→New | License | Repo Public | CI Upload | Release Pipeline | Security | PR Link | Diff Consistent |
-|---------|------|---------|---------|-------------|-----------|------------------|----------|---------|-----------------|
-| PackageA | bump | 1.2.3→1.3.0 | ✅ | ✅ | ✅ | ✅ | ☑️ | ✅ | ✅ |
-| PackageB | new  | —→4.5.6 | ❌ | ✅ | ❌ | ⚠️ | ❌ | ❌ | ✅ |
-| PackageC | bump | 2.0.0→2.1.0 | ✅ | ❌ | — | — | — | ⚠️ | ✅ |
-```
-
-### 8c — Per-package detail sections
-
-After the table, add one collapsible `<details>` block per package.
-
- If **all checks passed** for that package, render the block **collapsed**
-  (no `open` attribute) so the comment stays concise.
- If **any check failed or produced a warning**, render the block **open**
-  (`<details open>`) so the contributor sees the issues immediately.
-
-Each block must include the full detail for every check: the license found, the
-repository URL, whether a provenance attestation was found, the release
-pipeline findings, the security-scan findings (with file paths, line numbers,
-and snippets for any matches), the PR link found (or missing), and whether the
-diff is consistent. For failed or warned checks, explain exactly what the
-contributor must fix, including the expected source repository URL, expected
-version range, etc.
-
-Template (repeat for each package):
-
-```
-<details open>
-<summary><strong>PackageB 📦 new —→4.5.6</strong></summary>
-
- **License**: ❌ License is `UNKNOWN` — not in the approved list. Check PyPI metadata and `script/licenses.py`.
- **Repository Public**: ✅ https://github.com/example/packageb is publicly accessible.
- **CI Upload**: ❌ No provenance attestation found for any distribution file. The release may have been uploaded manually.
- **Release Pipeline**: ⚠️ No publish workflow found in the repository; it is unclear how this package is released to PyPI.
- **Security**: ❌ `setup.py` performs a network download and executes the result at install time — see https://github.com/example/packageb/blob/abc123/setup.py#L42 (`exec(urlopen("https://...").read())`).
- **PR Link**: ❌ PR description must link to the source repository at https://github.com/example/packageb (a PyPI page link is not sufficient).
- **Diff Consistent**: ✅
-
-</details>
-```
-
-Collapsed example (all checks passed):
-
-```
-<details>
-<summary><strong>PackageA 📦 bump 1.2.3→1.3.0</strong></summary>
-
- **License**: ✅ MIT
- **Repository Public**: ✅ https://github.com/example/packagea
- **CI Upload**: ✅ Trusted Publisher attestation found (GitHub Actions).
- **Release Pipeline**: ✅ OIDC via `pypa/gh-action-pypi-publish`; triggered on `release: published`; `environment: release` gate.
- **Security**: ☑️ Baseline scan found nothing obvious in `setup.py`, `pyproject.toml`, `__init__.py`, and 6 additional inspected files. This is not a security review — see Step 7 for what was and was not checked.
- **PR Link**: ✅ https://github.com/example/packagea/compare/v1.2.3...v1.3.0
- **Diff Consistent**: ✅
-
-</details>
-```
-
-## Notes
-
- Be constructive and helpful. Provide direct links where possible so the
-  contributor can quickly fix the issue.
- If PyPI returns an error for a package, mention that it could not be found and
-  suggest the contributor verify the package name.
- For packages that only appear in `homeassistant/package_constraints.txt` or
-  `pyproject.toml` without being tied to a specific integration, the PR
-  description link requirement still applies.
- When checking test-only packages (from `requirements_test.txt` or
-  `requirements_test_all.txt`), apply the same license, repository, security,
-  and PR description checks as for production dependencies. Malicious test
-  dependencies still execute on contributor and CI machines.
- The Security Sanity Check (Step 7) is a **baseline** check, not a full
-  security review. It is informational only — it surfaces findings for a
-  human reviewer but never blocks the workflow on its own. The Security
-  column intentionally uses ☑️ (and *never* ✅) for the success case so
-  that a passing scan does not read as an endorsement: it only means
-  nothing obvious stood out. A ❌ is a strong signal to a reviewer, not an
-  automatic rejection.
- A package that appears in both a production file and a test file should only
-  be reported once; use the production file entry as the canonical one.
- This workflow is invoked exclusively via `workflow_dispatch`. The stage-1
-  workflow `Check requirements (changes detection)` runs on `pull_request` with
-  a paths filter on the tracked requirements files, and its completion triggers
-  the dispatcher (`Check requirements (dispatcher)`) which calls this workflow
-  with the PR number. Members can also dispatch this workflow manually with the
-  PR number to re-run the check after updating the PR description or fixing
-  issues without changing any requirements files. On a retrigger the existing
-  comment is updated in place so there is always exactly one requirements-check
-  comment in the PR.
@@ -38,8 +38,9 @@ on:

 env:
  CACHE_VERSION: 3
+  UV_CACHE_VERSION: 1
  MYPY_CACHE_VERSION: 1
-  HA_SHORT_VERSION: "2026.6"
+  HA_SHORT_VERSION: "2026.5"
  ADDITIONAL_PYTHON_VERSIONS: "[]"
  # 10.3 is the oldest supported version
  # - 10.3.32 is the version currently shipped with Synology (as of 17 Feb 2022)
@@ -281,7 +282,7 @@ jobs:
          echo "::add-matcher::.github/workflows/matchers/check-executables-have-shebangs.json"
          echo "::add-matcher::.github/workflows/matchers/codespell.json"
      - name: Run prek
-        uses: j178/prek-action@6ad80277337ad479fe43bd70701c3f7f8aa74db3 # v2.0.3
+        uses: j178/prek-action@cbc2f23eb5539cf20d82d1aabd0d0ecbcc56f4e3 # v2.0.2
        env:
          PREK_SKIP: no-commit-to-branch,mypy,pylint,gen_requirements_all,hassfest,hassfest-metadata,hassfest-mypy-config,zizmor
          RUFF_OUTPUT_FORMAT: github
@@ -302,7 +303,7 @@ jobs:
        with:
          persist-credentials: false
      - name: Run zizmor
-        uses: j178/prek-action@6ad80277337ad479fe43bd70701c3f7f8aa74db3 # v2.0.3
+        uses: j178/prek-action@cbc2f23eb5539cf20d82d1aabd0d0ecbcc56f4e3 # v2.0.2
        with:
          extra-args: --all-files zizmor

@@ -357,33 +358,32 @@ jobs:
        with:
          python-version: ${{ matrix.python-version }}
          check-latest: true
+      - name: Generate partial uv restore key
+        id: generate-uv-key
+        run: |
+          uv_version=$(cat requirements.txt | grep uv | cut -d '=' -f 3)
+          echo "version=${uv_version}" >> $GITHUB_OUTPUT
+          echo "key=uv-${UV_CACHE_VERSION}-${uv_version}-${HA_SHORT_VERSION}-$(date -u '+%Y-%m-%dT%H:%M:%s')" >> $GITHUB_OUTPUT
      - name: Restore base Python virtual environment
        id: cache-venv
-        uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
+        uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
        with:
          path: venv
          key: >-
            ${{ runner.os }}-${{ runner.arch }}-${{ steps.python.outputs.python-version }}-${{
            needs.info.outputs.python_cache_key }}
-      - name: Generate partial uv restore key
-        if: steps.cache-venv.outputs.cache-hit != 'true'
-        id: generate-uv-key
-        env:
-          RUNNER_OS: ${{ runner.os }}
-          RUNNER_ARCH: ${{ runner.arch }}
-          PYTHON_VERSION: ${{ steps.python.outputs.python-version }}
-          HASH_FILES: ${{ hashFiles('requirements.txt', 'requirements_all.txt', 'requirements_test.txt', 'homeassistant/package_constraints.txt') }}
-        run: |
-          partial_key="${RUNNER_OS}-${RUNNER_ARCH}-${PYTHON_VERSION}-uv-"
-          echo "partial_key=${partial_key}" >> $GITHUB_OUTPUT
-          echo "full_key=${partial_key}${HASH_FILES}" >> $GITHUB_OUTPUT
      - name: Restore uv wheel cache
        if: steps.cache-venv.outputs.cache-hit != 'true'
-        uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
+        uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
        with:
          path: ${{ env.UV_CACHE_DIR }}
-          key: ${{ steps.generate-uv-key.outputs.full_key }}
-          restore-keys: ${{ steps.generate-uv-key.outputs.partial_key }}
+          key: >-
+            ${{ runner.os }}-${{ runner.arch }}-${{ steps.python.outputs.python-version }}-${{
+            steps.generate-uv-key.outputs.key }}
+          restore-keys: |
+            ${{ runner.os }}-${{ runner.arch }}-${{ steps.python.outputs.python-version }}-uv-${{
+            env.UV_CACHE_VERSION }}-${{ steps.generate-uv-key.outputs.version }}-${{
+            env.HA_SHORT_VERSION }}-
      - name: Check if apt cache exists
        id: cache-apt-check
        uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
@@ -398,7 +398,6 @@ jobs:
        if: |
          steps.cache-venv.outputs.cache-hit != 'true'
          || steps.cache-apt-check.outputs.cache-hit != 'true'
-        id: install-os-deps
        timeout-minutes: 10
        env:
          APT_CACHE_HIT: ${{ steps.cache-apt-check.outputs.cache-hit }}
@@ -432,10 +431,7 @@ jobs:
            sudo chmod -R 755 ${APT_CACHE_BASE}
          fi
      - name: Save apt cache
-        if: |
-          always()
-          && steps.cache-apt-check.outputs.cache-hit != 'true'
-          && steps.install-os-deps.outcome == 'success'
+        if: steps.cache-apt-check.outputs.cache-hit != 'true'
        uses: actions/cache/save@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
        with:
          path: |
@@ -445,7 +441,6 @@ jobs:
            ${{ runner.os }}-${{ runner.arch }}-${{ needs.info.outputs.apt_cache_key }}
      - name: Create Python virtual environment
        if: steps.cache-venv.outputs.cache-hit != 'true'
-        id: create-venv
        run: |
          python -m venv venv
          . venv/bin/activate
@@ -453,7 +448,8 @@ jobs:
          pip install "$(grep '^uv' < requirements.txt)"
          uv pip install -U "pip>=25.2"
          uv pip install -r requirements.txt
-          uv pip install -r requirements_all.txt -r requirements_test.txt
+          python -m script.gen_requirements_all ci
+          uv pip install -r requirements_all_pytest.txt -r requirements_test.txt
          uv pip install -e . --config-settings editable_mode=compat
      - name: Dump pip freeze
        run: |
@@ -469,29 +465,12 @@ jobs:
          overwrite: true
      - name: Remove pip_freeze
        run: rm pip_freeze.txt
+      - name: Remove generated requirements_all
+        if: steps.cache-venv.outputs.cache-hit != 'true'
+        run: rm requirements_all_pytest.txt requirements_all_wheels_*.txt
      - name: Check dirty
        run: |
          ./script/check_dirty
-      - name: Prune uv cache
-        if: steps.cache-venv.outputs.cache-hit != 'true'
-        id: prune-uv-cache
-        run: |
-          . venv/bin/activate
-          uv cache prune --ci
-      - name: Save uv wheel cache
-        if: steps.cache-venv.outputs.cache-hit != 'true'
-        uses: actions/cache/save@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
-        with:
-          path: ${{ env.UV_CACHE_DIR }}
-          key: ${{ steps.generate-uv-key.outputs.full_key }}
-      - name: Save base Python virtual environment
-        if: always() && steps.create-venv.outcome == 'success'
-        uses: actions/cache/save@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
-        with:
-          path: venv
-          key: >-
-            ${{ runner.os }}-${{ runner.arch }}-${{ steps.python.outputs.python-version }}-${{
-            needs.info.outputs.python_cache_key }}

  hassfest:
    name: Check hassfest
@@ -632,7 +611,7 @@ jobs:
        with:
          persist-credentials: false
      - name: Dependency review
-        uses: actions/dependency-review-action@a1d282b36b6f3519aa1f3fc636f609c47dddb294 # v5.0.0
+        uses: actions/dependency-review-action@2031cfc080254a8a887f58cffee85186f0e49e48 # v4.9.0
        with:
          license-check: false # We use our own license audit checks

@@ -853,7 +832,7 @@ jobs:
        run: |
          . venv/bin/activate
          python --version
-          mypy --num-workers=4 homeassistant pylint
+          mypy homeassistant pylint
      - name: Run mypy (partially)
        if: needs.info.outputs.test_full_suite == 'false'
        shell: bash
@@ -862,7 +841,7 @@ jobs:
        run: |
          . venv/bin/activate
          python --version
-          mypy --num-workers=4 $(printf "homeassistant/components/%s " ${INTEGRATIONS_GLOB})
+          mypy $(printf "homeassistant/components/%s " ${INTEGRATIONS_GLOB})

  prepare-pytest-full:
    name: Split tests for full run
@@ -1088,7 +1067,6 @@ jobs:
        options: >-
          --health-cmd="if command -v mariadb-admin >/dev/null; then mariadb-admin ping -uroot -ppassword; else mysqladmin ping -uroot -ppassword; fi"
          --health-interval=5s --health-timeout=2s --health-retries=3
-          --tmpfs /var/lib/mysql:size=2g,mode=0750
    needs:
      - info
      - base
@@ -1246,10 +1224,7 @@ jobs:
          - 5432:5432
        env:
          POSTGRES_PASSWORD: password
-        options: >-
-          --health-cmd="pg_isready -hlocalhost -Upostgres"
-          --health-interval=5s --health-timeout=2s --health-retries=3
-          --tmpfs /var/lib/postgresql/data:size=2g,mode=0700
+        options: --health-cmd="pg_isready -hlocalhost -Upostgres" --health-interval=5s --health-timeout=2s --health-retries=3
    needs:
      - info
      - base
@@ -28,11 +28,11 @@ jobs:
          persist-credentials: false

      - name: Initialize CodeQL
-        uses: github/codeql-action/init@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4
+        uses: github/codeql-action/init@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
        with:
          languages: python

      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4
+        uses: github/codeql-action/analyze@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
        with:
          category: "/language:python"
@@ -1,6 +1,6 @@
 repos:
  - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.15.13
+    rev: v0.15.10
    hooks:
      - id: ruff-check
        args:
@@ -23,7 +23,6 @@ repos:
      - id: zizmor
        args:
          - --pedantic
-        exclude: ^\.github/workflows/.*\.lock\.yml$
  - repo: https://github.com/pre-commit/pre-commit-hooks
    rev: v6.0.0
    hooks:
@@ -47,7 +46,6 @@ repos:
        additional_dependencies:
          - prettier@3.6.2
          - prettier-plugin-sort-json@4.2.0
-        exclude: ^\.github/workflows/.*\.lock\.yml$
  - repo: https://github.com/cdce8p/python-typing-update
    rev: v0.6.0
    hooks:
@@ -1 +1 @@
-3.14.4
+3.14.3
@@ -139,7 +139,6 @@ homeassistant.components.cambridge_audio.*
 homeassistant.components.camera.*
 homeassistant.components.canary.*
 homeassistant.components.casper_glow.*
-homeassistant.components.centriconnect.*
 homeassistant.components.cert_expiry.*
 homeassistant.components.clickatell.*
 homeassistant.components.clicksend.*
@@ -156,7 +155,6 @@ homeassistant.components.counter.*
 homeassistant.components.cover.*
 homeassistant.components.cpuspeed.*
 homeassistant.components.crownstone.*
-homeassistant.components.data_grand_lyon.*
 homeassistant.components.date.*
 homeassistant.components.datetime.*
 homeassistant.components.deako.*
@@ -250,7 +248,6 @@ homeassistant.components.gpsd.*
 homeassistant.components.greeneye_monitor.*
 homeassistant.components.group.*
 homeassistant.components.guardian.*
-homeassistant.components.guntamatic.*
 homeassistant.components.habitica.*
 homeassistant.components.hardkernel.*
 homeassistant.components.hardware.*
@@ -298,7 +295,6 @@ homeassistant.components.imap.*
 homeassistant.components.imgw_pib.*
 homeassistant.components.immich.*
 homeassistant.components.incomfort.*
-homeassistant.components.indevolt.*
 homeassistant.components.inels.*
 homeassistant.components.infrared.*
 homeassistant.components.input_button.*
@@ -358,7 +354,6 @@ homeassistant.components.lunatone.*
 homeassistant.components.lutron.*
 homeassistant.components.madvr.*
 homeassistant.components.manual.*
-homeassistant.components.marantz_infrared.*
 homeassistant.components.mastodon.*
 homeassistant.components.matrix.*
 homeassistant.components.matter.*
@@ -425,11 +420,9 @@ homeassistant.components.opower.*
 homeassistant.components.oralb.*
 homeassistant.components.otbr.*
 homeassistant.components.otp.*
-homeassistant.components.ouman_eh_800.*
 homeassistant.components.overkiz.*
 homeassistant.components.overseerr.*
 homeassistant.components.p1_monitor.*
-homeassistant.components.paj_gps.*
 homeassistant.components.panel_custom.*
 homeassistant.components.paperless_ngx.*
 homeassistant.components.peblar.*
@@ -449,7 +442,6 @@ homeassistant.components.private_ble_device.*
 homeassistant.components.prometheus.*
 homeassistant.components.proximity.*
 homeassistant.components.prusalink.*
-homeassistant.components.ptdevices.*
 homeassistant.components.pure_energie.*
 homeassistant.components.purpleair.*
 homeassistant.components.pushbullet.*
@@ -492,7 +484,6 @@ homeassistant.components.rss_feed_template.*
 homeassistant.components.russound_rio.*
 homeassistant.components.ruuvi_gateway.*
 homeassistant.components.ruuvitag_ble.*
-homeassistant.components.samsung_infrared.*
 homeassistant.components.samsungtv.*
 homeassistant.components.saunum.*
 homeassistant.components.scene.*
@@ -1,6 +1,5 @@
 ignore: |
  tests/fixtures/core/config/yaml_errors/
-  .github/workflows/*.lock.yml
 rules:
  braces:
    level: error
@@ -6,36 +6,22 @@ This repository contains the core of Home Assistant, a Python 3 based home autom

 - **Do NOT amend, squash, or rebase commits that have already been pushed to the PR branch after the PR is opened** - Reviewers need to follow the commit history, as well as see what changed since their last review

-## Pull Requests
-
- When opening a pull request, use the repository's PR template (`.github/PULL_REQUEST_TEMPLATE.md`). NEVER REMOVE ANYTHING from the template.
- Do not remove checkboxes that are not checked — leave all unchecked checkboxes in place so reviewers can see which options were not selected.
-
 ## Development Commands

- When entering a new environment or worktree, run `script/setup` to set up the virtual environment with all development dependencies (pylint, pre-commit hooks, etc.). This is required before committing.
- .vscode/tasks.json contains useful commands used for development.
+.vscode/tasks.json contains useful commands used for development.

 ## Python Syntax Notes

- Home Assistant officially supports Python 3.14 as its minimum version. Do not flag syntax or features that require Python 3.14 as issues, and do not suggest workarounds for older Python versions.
- Python 3.14 explicitly allows `except TypeA, TypeB:` without parentheses. Never flag this as an issue.
- Python 3.14 evaluates annotations lazily (PEP 649). Forward references in annotations do not need to be quoted — annotations can reference names defined later in the module without quoting them or using `from __future__ import annotations`. Do not flag unquoted forward references in annotations as issues.
+- Python 3.14 explicitly allows `except TypeA, TypeB:` without parentheses. Never flag this as an issue since Home Assistant officially supports Python 3.14.

 ## Testing

- Use `uv run pytest` to run tests
- After modifying `strings.json` for an integration, regenerate the English translation file before running tests: `.venv/bin/python3 -m script.translations develop --integration <integration_name>`. Tests load translations from the generated `translations/en.json`, not directly from `strings.json`.
- When writing or modifying tests, ensure all test function parameters have type annotations.
- Prefer concrete types (for example, `HomeAssistant`, `MockConfigEntry`, etc.) over `Any`.
- Prefer `@pytest.mark.usefixtures` over arguments, if the argument is not going to be used.
- Avoid using conditions/branching in tests. Instead, either split tests or adjust the test parametrization to cover all cases without branching.
- If multiple tests share most of their code, use `pytest.mark.parametrize` to merge them into a single parameterized test instead of duplicating the body. Use `pytest.param` with an `id` parameter to name the test cases clearly.
- We use Syrupy for snapshot testing. Leverage `.ambr` snapshots instead of repetitive and exhaustive generation of test data within Python code itself.
+When writing or modifying tests, ensure all test function parameters have type annotations.
+Prefer concrete types (for example, `HomeAssistant`, `MockConfigEntry`, etc.) over `Any`.

 ## Good practices

- Integrations with Platinum or Gold level in the Integration Quality Scale reflect a high standard of code quality and maintainability. When looking for examples of something, these are good places to start. The level is indicated in the manifest.json of the integration.
- When reviewing entity actions, do not suggest extra defensive checks for input fields that are already validated by Home Assistant's service/action schemas and entity selection filters. Suggest additional guards only when data bypasses those validators or is transformed into a less-safe form.
- When validation guarantees a dict key exists, prefer direct key access (`data["key"]`) instead of `.get("key")` so contract violations are surfaced instead of silently masked.
- Do not add comments that just restate the code on the following line(s) (e.g. `# Check if initialized` above `if self.initialized:`). Comments should only explain why — non-obvious constraints, surprising behavior, or workarounds — never what.
+Integrations with Platinum or Gold level in the Integration Quality Scale reflect a high standard of code quality and maintainability. When looking for examples of something, these are good places to start. The level is indicated in the manifest.json of the integration.
+
+When reviewing entity actions, do not suggest extra defensive checks for input fields that are already validated by Home Assistant's service/action schemas and entity selection filters. Suggest additional guards only when data bypasses those validators or is transformed into a less-safe form.
+When validation guarantees a dict key exists, prefer direct key access (`data["key"]`) instead of `.get("key")` so contract violations are surfaced instead of silently masked.
@@ -68,8 +68,6 @@ CLAUDE.md @home-assistant/core
 /tests/components/agent_dvr/ @ispysoftware
 /homeassistant/components/ai_task/ @home-assistant/core
 /tests/components/ai_task/ @home-assistant/core
-/homeassistant/components/aidot/ @s1eedz @HongBryan
-/tests/components/aidot/ @s1eedz @HongBryan
 /homeassistant/components/air_quality/ @home-assistant/core
 /tests/components/air_quality/ @home-assistant/core
 /homeassistant/components/airgradient/ @airgradienthq @joostlek
@@ -198,7 +196,6 @@ CLAUDE.md @home-assistant/core
 /homeassistant/components/autoskope/ @mcisk
 /tests/components/autoskope/ @mcisk
 /homeassistant/components/avea/ @pattyland
-/tests/components/avea/ @pattyland
 /homeassistant/components/awair/ @ahayworth @ricohageman
 /tests/components/awair/ @ahayworth @ricohageman
 /homeassistant/components/aws_s3/ @tomasbedrich
@@ -291,16 +288,12 @@ CLAUDE.md @home-assistant/core
 /tests/components/cast/ @emontnemery
 /homeassistant/components/ccm15/ @ocalvo
 /tests/components/ccm15/ @ocalvo
-/homeassistant/components/centriconnect/ @gresrun
-/tests/components/centriconnect/ @gresrun
 /homeassistant/components/cert_expiry/ @jjlawren
 /tests/components/cert_expiry/ @jjlawren
 /homeassistant/components/chacon_dio/ @cnico
 /tests/components/chacon_dio/ @cnico
 /homeassistant/components/chess_com/ @joostlek
 /tests/components/chess_com/ @joostlek
-/homeassistant/components/cielo_home/ @ihsan-cielo @mudasar-cielo
-/tests/components/cielo_home/ @ihsan-cielo @mudasar-cielo
 /homeassistant/components/cisco_ios/ @fbradyirl
 /homeassistant/components/cisco_mobility_express/ @fbradyirl
 /homeassistant/components/cisco_webex_teams/ @fbradyirl
@@ -352,8 +345,6 @@ CLAUDE.md @home-assistant/core
 /tests/components/cync/ @Kinachi249
 /homeassistant/components/daikin/ @fredrike
 /tests/components/daikin/ @fredrike
-/homeassistant/components/data_grand_lyon/ @Crocmagnon
-/tests/components/data_grand_lyon/ @Crocmagnon
 /homeassistant/components/date/ @home-assistant/core
 /tests/components/date/ @home-assistant/core
 /homeassistant/components/datetime/ @home-assistant/core
@@ -697,8 +688,6 @@ CLAUDE.md @home-assistant/core
 /tests/components/growatt_server/ @johanzander
 /homeassistant/components/guardian/ @bachya
 /tests/components/guardian/ @bachya
-/homeassistant/components/guntamatic/ @JensTimmerman
-/tests/components/guntamatic/ @JensTimmerman
 /homeassistant/components/habitica/ @tr4nt0r
 /tests/components/habitica/ @tr4nt0r
 /homeassistant/components/hanna/ @bestycame
@@ -862,8 +851,8 @@ CLAUDE.md @home-assistant/core
 /tests/components/input_select/ @home-assistant/core
 /homeassistant/components/input_text/ @home-assistant/core
 /tests/components/input_text/ @home-assistant/core
-/homeassistant/components/insteon/ @teharris1 @ssyrell
-/tests/components/insteon/ @teharris1 @ssyrell
+/homeassistant/components/insteon/ @teharris1
+/tests/components/insteon/ @teharris1
 /homeassistant/components/integration/ @dgomes
 /tests/components/integration/ @dgomes
 /homeassistant/components/intelliclima/ @dvdinth
@@ -983,8 +972,8 @@ CLAUDE.md @home-assistant/core
 /tests/components/lektrico/ @lektrico
 /homeassistant/components/letpot/ @jpelgrom
 /tests/components/letpot/ @jpelgrom
-/homeassistant/components/lg_infrared/ @abmantis
-/tests/components/lg_infrared/ @abmantis
+/homeassistant/components/lg_infrared/ @home-assistant/core
+/tests/components/lg_infrared/ @home-assistant/core
 /homeassistant/components/lg_netcast/ @Drafteed @splinter98
 /tests/components/lg_netcast/ @Drafteed @splinter98
 /homeassistant/components/lg_thinq/ @LG-ThinQ-Integration
@@ -1047,8 +1036,6 @@ CLAUDE.md @home-assistant/core
 /tests/components/lyric/ @timmo001
 /homeassistant/components/madvr/ @iloveicedgreentea
 /tests/components/madvr/ @iloveicedgreentea
-/homeassistant/components/marantz_infrared/ @balloob
-/tests/components/marantz_infrared/ @balloob
 /homeassistant/components/mastodon/ @fabaff @andrew-codechimp
 /tests/components/mastodon/ @fabaff @andrew-codechimp
 /homeassistant/components/matrix/ @PaarthShah
@@ -1105,8 +1092,6 @@ CLAUDE.md @home-assistant/core
 /tests/components/minecraft_server/ @elmurato @zachdeibert
 /homeassistant/components/minio/ @tkislan
 /tests/components/minio/ @tkislan
-/homeassistant/components/mitsubishi_comfort/ @nikolairahimi
-/tests/components/mitsubishi_comfort/ @nikolairahimi
 /homeassistant/components/moat/ @bdraco
 /tests/components/moat/ @bdraco
 /homeassistant/components/mobile_app/ @home-assistant/core
@@ -1256,8 +1241,6 @@ CLAUDE.md @home-assistant/core
 /homeassistant/components/ollama/ @synesthesiam
 /tests/components/ollama/ @synesthesiam
 /homeassistant/components/ombi/ @larssont
-/homeassistant/components/omie/ @luuuis
-/tests/components/omie/ @luuuis
 /homeassistant/components/onboarding/ @home-assistant/core
 /tests/components/onboarding/ @home-assistant/core
 /homeassistant/components/ondilo_ico/ @JeromeHXP
@@ -1311,8 +1294,6 @@ CLAUDE.md @home-assistant/core
 /tests/components/osoenergy/ @osohotwateriot
 /homeassistant/components/otbr/ @home-assistant/core
 /tests/components/otbr/ @home-assistant/core
-/homeassistant/components/ouman_eh_800/ @Markus98
-/tests/components/ouman_eh_800/ @Markus98
 /homeassistant/components/ourgroceries/ @OnFreund
 /tests/components/ourgroceries/ @OnFreund
 /homeassistant/components/overkiz/ @imicknl
@@ -1323,8 +1304,6 @@ CLAUDE.md @home-assistant/core
 /tests/components/ovo_energy/ @timmo001
 /homeassistant/components/p1_monitor/ @klaasnicolaas
 /tests/components/p1_monitor/ @klaasnicolaas
-/homeassistant/components/paj_gps/ @skipperro
-/tests/components/paj_gps/ @skipperro
 /homeassistant/components/palazzetti/ @dotvav
 /tests/components/palazzetti/ @dotvav
 /homeassistant/components/panel_custom/ @home-assistant/frontend
@@ -1397,8 +1376,6 @@ CLAUDE.md @home-assistant/core
 /tests/components/proxmoxve/ @Corbeno @erwindouna @CoMPaTech
 /homeassistant/components/ps4/ @ktnrg45
 /tests/components/ps4/ @ktnrg45
-/homeassistant/components/ptdevices/ @ParemTech-Inc @frogman85978
-/tests/components/ptdevices/ @ParemTech-Inc @frogman85978
 /homeassistant/components/pterodactyl/ @elmurato
 /tests/components/pterodactyl/ @elmurato
 /homeassistant/components/pure_energie/ @klaasnicolaas
@@ -1512,8 +1489,8 @@ CLAUDE.md @home-assistant/core
 /tests/components/roku/ @ctalkington
 /homeassistant/components/romy/ @xeniter
 /tests/components/romy/ @xeniter
-/homeassistant/components/roomba/ @pschmitt @cyr-ius @shenxn
-/tests/components/roomba/ @pschmitt @cyr-ius @shenxn
+/homeassistant/components/roomba/ @pschmitt @cyr-ius @shenxn @Orhideous
+/tests/components/roomba/ @pschmitt @cyr-ius @shenxn @Orhideous
 /homeassistant/components/roon/ @pavoni
 /tests/components/roon/ @pavoni
 /homeassistant/components/route_b_smart_meter/ @SeraphicRav
@@ -1536,8 +1513,6 @@ CLAUDE.md @home-assistant/core
 /homeassistant/components/sabnzbd/ @shaiu @jpbede
 /tests/components/sabnzbd/ @shaiu @jpbede
 /homeassistant/components/saj/ @fredericvl
-/homeassistant/components/samsung_infrared/ @lmaertin
-/tests/components/samsung_infrared/ @lmaertin
 /homeassistant/components/samsungtv/ @chemelli74 @epenet
 /tests/components/samsungtv/ @chemelli74 @epenet
 /homeassistant/components/sanix/ @tomaszsluszniak
@@ -2036,8 +2011,6 @@ CLAUDE.md @home-assistant/core
 /tests/components/xiaomi_miio/ @rytilahti @syssi @starkillerOG
 /homeassistant/components/xiaomi_tv/ @simse
 /homeassistant/components/xmpp/ @fabaff @flowolf
-/homeassistant/components/xthings_cloud/ @XthingsJacobs
-/tests/components/xthings_cloud/ @XthingsJacobs
 /homeassistant/components/yale/ @bdraco
 /tests/components/yale/ @bdraco
 /homeassistant/components/yale_smart_alarm/ @gjohansson-ST
@@ -2068,8 +2041,8 @@ CLAUDE.md @home-assistant/core
 /tests/components/zeroconf/ @bdraco
 /homeassistant/components/zerproc/ @emlove
 /tests/components/zerproc/ @emlove
-/homeassistant/components/zeversolar/ @kvanzuijlen @mhuiskes
-/tests/components/zeversolar/ @kvanzuijlen @mhuiskes
+/homeassistant/components/zeversolar/ @kvanzuijlen
+/tests/components/zeversolar/ @kvanzuijlen
 /homeassistant/components/zha/ @dmulcahey @adminiuga @puddly @TheJulianJES
 /tests/components/zha/ @dmulcahey @adminiuga @puddly @TheJulianJES
 /homeassistant/components/zimi/ @markhannon
@@ -1,5 +1,5 @@
 # syntax=docker/dockerfile@sha256:2780b5c3bab67f1f76c781860de469442999ed1a0d7992a5efdf2cffc0e3d769
-# Partly generated by hassfest.
+# Automatically generated by hassfest.
 #
 # To update, run python3 -m script.hassfest -p docker
 ARG BUILD_FROM
@@ -26,7 +26,7 @@ WORKDIR /usr/src
 COPY rootfs /

 # Add go2rtc binary
-COPY --from=ghcr.io/alexxit/go2rtc:1.9.14@sha256:675c318b23c06fd862a61d262240c9a63436b4050d177ffc68a32710d9e05bae /usr/local/bin/go2rtc /bin/go2rtc
+COPY --from=ghcr.io/alexxit/go2rtc@sha256:675c318b23c06fd862a61d262240c9a63436b4050d177ffc68a32710d9e05bae /usr/local/bin/go2rtc /bin/go2rtc

 ## Setup Home Assistant Core dependencies
 COPY --parents requirements.txt homeassistant/package_constraints.txt homeassistant/
@@ -1,5 +1,7 @@
 """Start Home Assistant."""

+from __future__ import annotations
+
 import argparse
 from contextlib import suppress
 import faulthandler
@@ -1,5 +1,7 @@
 """Provide an authentication layer for Home Assistant."""

+from __future__ import annotations
+
 import asyncio
 from collections import OrderedDict
 from collections.abc import Mapping
@@ -73,12 +75,10 @@ async def auth_manager_from_config(
        provider_hash[key] = provider

        if isinstance(provider, HassAuthProvider):
-            # Can be removed in 2026.7 with the legacy mode of
-            # homeassistant auth provider.
-            # We need to initialize the provider to create the repair
-            # if needed as otherwise the provider will be initialized
-            # on first use, which could be rare as users don't
-            # frequently change auth settings
+            # Can be removed in 2026.7 with the legacy mode of homeassistant auth provider
+            # We need to initialize the provider to create the repair if needed as otherwise
+            # the provider will be initialized on first use, which could be rare as users
+            # don't frequently change auth settings
            await provider.async_initialize()

    if module_configs:
@@ -1,5 +1,7 @@
 """Storage for auth models."""

+from __future__ import annotations
+
 from datetime import timedelta
 import hmac
 import itertools
@@ -5,6 +5,8 @@ we can cache the result of the decode of valid tokens
 to speed up the process.
 """

+from __future__ import annotations
+
 from collections.abc import Container, Iterable, Sequence
 from datetime import timedelta
 from functools import lru_cache
@@ -1,5 +1,7 @@
 """Pluggable auth modules for Home Assistant."""

+from __future__ import annotations
+
 import logging
 import types
 from typing import Any
@@ -1,5 +1,7 @@
 """Example auth module."""

+from __future__ import annotations
+
 from typing import Any

 import voluptuous as vol
@@ -3,6 +3,8 @@
 Sending HOTP through notify service
 """

+from __future__ import annotations
+
 import asyncio
 import logging
 from typing import Any, cast
@@ -1,5 +1,7 @@
 """Time-based One Time Password auth module."""

+from __future__ import annotations
+
 import asyncio
 from io import BytesIO
 from typing import Any, cast
@@ -1,5 +1,7 @@
 """Auth models."""

+from __future__ import annotations
+
 from datetime import datetime, timedelta
 from ipaddress import IPv4Address, IPv6Address
 import secrets
@@ -1,7 +1,8 @@
 """Permissions for Home Assistant."""

-from collections.abc import Callable, Iterable
-from typing import TYPE_CHECKING
+from __future__ import annotations
+
+from collections.abc import Callable

 import voluptuous as vol

@@ -12,9 +13,6 @@ from .models import PermissionLookup
 from .types import PolicyType
 from .util import test_all

-if TYPE_CHECKING:
-    from ..models import User
-
 POLICY_SCHEMA = vol.Schema({vol.Optional(CAT_ENTITIES): ENTITY_POLICY_SCHEMA})

 __all__ = [
@@ -24,21 +22,10 @@ __all__ = [
    "PermissionLookup",
    "PolicyPermissions",
    "PolicyType",
-    "filter_entity_ids_by_permission",
    "merge_policies",
 ]


-def filter_entity_ids_by_permission(
-    user: User, entity_ids: Iterable[str], key: str
-) -> list[str]:
-    """Filter entity IDs to those the user can access for the given policy key."""
-    if user.is_admin or user.permissions.access_all_entities(key):
-        return list(entity_ids)
-    check_entity = user.permissions.check_entity
-    return [entity_id for entity_id in entity_ids if check_entity(entity_id, key)]
-
-
 class AbstractPermissions:
    """Default permissions class."""

@@ -1,5 +1,7 @@
 """Entity permissions."""

+from __future__ import annotations
+
 from collections import OrderedDict
 from collections.abc import Callable

@@ -1,5 +1,7 @@
 """Permission for events."""

+from __future__ import annotations
+
 from typing import Any, Final

 from homeassistant.const import (
@@ -1,5 +1,7 @@
 """Merging of policies."""

+from __future__ import annotations
+
 from typing import cast

 from .types import CategoryType, PolicyType
@@ -1,5 +1,7 @@
 """Models for permissions."""

+from __future__ import annotations
+
 from typing import TYPE_CHECKING

 import attr
@@ -1,5 +1,7 @@
 """Helpers to deal with permissions."""

+from __future__ import annotations
+
 from collections.abc import Callable
 from functools import wraps
 from typing import cast
@@ -1,5 +1,7 @@
 """Auth providers for Home Assistant."""

+from __future__ import annotations
+
 from collections.abc import Mapping
 import logging
 import types
@@ -1,5 +1,7 @@
 """Auth provider that validates credentials via an external command."""

+from __future__ import annotations
+
 import asyncio
 from collections.abc import Mapping
 import logging
@@ -1,5 +1,7 @@
 """Home Assistant auth provider."""

+from __future__ import annotations
+
 import asyncio
 import base64
 from collections.abc import Mapping
@@ -120,10 +122,9 @@ class Data:
            if self.normalize_username(username, force_normalize=True) != username:
                logging.getLogger(__name__).warning(
                    (
-                        "Home Assistant auth provider is running in"
-                        " legacy mode because we detected usernames"
-                        " that are normalized (lowercase and without"
-                        " spaces). Please change the username: '%s'."
+                        "Home Assistant auth provider is running in legacy mode "
+                        "because we detected usernames that are normalized (lowercase and without spaces)."
+                        " Please change the username: '%s'."
                    ),
                    username,
                )
@@ -140,9 +141,7 @@ class Data:
                severity=ir.IssueSeverity.WARNING,
                translation_key="homeassistant_provider_not_normalized_usernames",
                translation_placeholders={
-                    "usernames": (
-                        f'- "{'"\n- "'.join(sorted(not_normalized_usernames))}"'
-                    )
+                    "usernames": f'- "{'"\n- "'.join(sorted(not_normalized_usernames))}"'
                },
                learn_more_url="homeassistant://config/users",
            )
@@ -1,5 +1,7 @@
 """Example auth provider."""

+from __future__ import annotations
+
 from collections.abc import Mapping
 import hmac

@@ -4,6 +4,8 @@ It shows list of users if access from trusted network.
 Abort login flow if not access from trusted network.
 """

+from __future__ import annotations
+
 from collections.abc import Mapping
 from ipaddress import (
    IPv4Address,
@@ -1,5 +1,7 @@
 """Home Assistant module to handle restoring backups."""

+from __future__ import annotations
+
 from collections.abc import Iterable
 from dataclasses import dataclass
 import json
@@ -60,10 +62,7 @@ def restore_backup_file_content(config_dir: Path) -> RestoreBackupFileContent |


 def _clear_configuration_directory(config_dir: Path, keep: Iterable[str]) -> None:
-    """Delete all files and directories in the config dir.
-
-    Entries in the keep list are preserved.
-    """
+    """Delete all files and directories in the config directory except entries in the keep list."""
    keep_paths = [config_dir.joinpath(path) for path in keep]
    entries_to_remove = sorted(
        entry for entry in config_dir.iterdir() if entry not in keep_paths
@@ -104,8 +103,7 @@ def _extract_backup(
            )
        ) > HA_VERSION:
            raise ValueError(
-                f"You need at least Home Assistant version"
-                f" {backup_meta_version} to restore this backup"
+                f"You need at least Home Assistant version {backup_meta_version} to restore this backup"
            )

        with securetar.SecureTarFile(
@@ -1,5 +1,7 @@
 """Provide methods to bootstrap a Home Assistant instance."""

+from __future__ import annotations
+
 import asyncio
 from collections import defaultdict
 import contextlib
@@ -17,8 +19,7 @@ from time import monotonic
 from typing import TYPE_CHECKING, Any

 # Import cryptography early since import openssl is not thread-safe
-# _frozen_importlib._DeadlockError: deadlock detected by
-# _ModuleLock('cryptography.hazmat.backends.openssl.backend')
+# _frozen_importlib._DeadlockError: deadlock detected by _ModuleLock('cryptography.hazmat.backends.openssl.backend')
 import cryptography.hazmat.backends.openssl.backend  # noqa: F401
 import voluptuous as vol
 import yarl
@@ -166,14 +167,10 @@ FRONTEND_INTEGRATIONS = {
    # visible in frontend
    "frontend",
 }
-# Stage 0 is divided into substages. Each substage has a name,
-# a set of integrations and a timeout.
-# The substage containing recorder should have no timeout, as it
-# could cancel a database migration.
-# Recorder freezes "recorder" timeout during a migration, but it
-# does not freeze other timeouts.
-# If we add timeouts to the frontend substages, we should make sure
-# they don't apply in recovery mode.
+# Stage 0 is divided into substages. Each substage has a name, a set of integrations and a timeout.
+# The substage containing recorder should have no timeout, as it could cancel a database migration.
+# Recorder freezes "recorder" timeout during a migration, but it does not freeze other timeouts.
+# If we add timeouts to the frontend substages, we should make sure they don't apply in recovery mode.
 STAGE_0_INTEGRATIONS = (
    # Load logging and http deps as soon as possible
    ("logging, http deps", LOGGING_AND_HTTP_DEPS_INTEGRATIONS, None),
@@ -1,5 +0,0 @@
-{
-  "domain": "marantz",
-  "name": "Marantz",
-  "integrations": ["marantz", "marantz_infrared"]
-}
@@ -1,5 +0,0 @@
-{
-  "domain": "mitsubishi",
-  "name": "Mitsubishi",
-  "integrations": ["melcloud", "mitsubishi_comfort"]
-}
@@ -1,5 +1,5 @@
 {
  "domain": "samsung",
  "name": "Samsung",
-  "integrations": ["familyhub", "samsung_infrared", "samsungtv", "syncthru"]
+  "integrations": ["familyhub", "samsungtv", "syncthru"]
 }
@@ -1,5 +0,0 @@
-{
-  "domain": "sensereo",
-  "name": "Sensereo",
-  "iot_standards": ["matter"]
-}
@@ -1,5 +0,0 @@
-{
-  "domain": "zunzunbee",
-  "name": "Zunzunbee",
-  "iot_standards": ["zigbee"]
-}
@@ -1,5 +1,7 @@
 """Support for the Abode Security System."""

+from __future__ import annotations
+
 from dataclasses import dataclass, field
 from functools import partial
 from pathlib import Path
@@ -1,5 +1,7 @@
 """Support for Abode Security System alarm control panels."""

+from __future__ import annotations
+
 from jaraco.abode.devices.alarm import Alarm

 from homeassistant.components.alarm_control_panel import (
@@ -1,5 +1,7 @@
 """Support for Abode Security System binary sensors."""

+from __future__ import annotations
+
 from typing import cast

 from jaraco.abode.devices.binary_sensor import BinarySensor
@@ -1,5 +1,7 @@
 """Support for Abode Security System cameras."""

+from __future__ import annotations
+
 from datetime import timedelta
 from typing import Any, cast

@@ -1,5 +1,7 @@
 """Config flow for the Abode Security System component."""

+from __future__ import annotations
+
 from collections.abc import Mapping
 from http import HTTPStatus
 from typing import Any, cast
@@ -1,5 +1,7 @@
 """Constants for the Abode Security System component."""

+from __future__ import annotations
+
 import logging

 LOGGER = logging.getLogger(__package__)
@@ -1,5 +1,7 @@
 """Support for Abode Security System lights."""

+from __future__ import annotations
+
 from math import ceil
 from typing import Any

@@ -1,5 +1,7 @@
 """Support for Abode Security System sensors."""

+from __future__ import annotations
+
 from collections.abc import Callable
 from dataclasses import dataclass
 from typing import cast
@@ -1,5 +1,7 @@
 """Support for the Abode Security System."""

+from __future__ import annotations
+
 from typing import TYPE_CHECKING

 from jaraco.abode.exceptions import Exception as AbodeException
@@ -44,7 +46,6 @@ def _change_setting(call: ServiceCall) -> None:

    try:
        _get_abode_system(call.hass).abode.set_setting(setting, value)
-    # pylint: disable-next=home-assistant-action-swallowed-exception
    except AbodeException as ex:
        LOGGER.warning(ex)

@@ -1,5 +1,7 @@
 """Support for Abode Security System switches."""

+from __future__ import annotations
+
 from typing import Any, cast

 from jaraco.abode.devices.switch import Switch
@@ -1,5 +1,7 @@
 """Coordinator for Acaia integration."""

+from __future__ import annotations
+
 from datetime import timedelta
 import logging

@@ -1,5 +1,7 @@
 """Diagnostics support for Acaia."""

+from __future__ import annotations
+
 from dataclasses import asdict
 from typing import Any

@@ -143,4 +143,4 @@ class AcaiaRestoreSensor(AcaiaEntity, RestoreSensor):
    @property
    def available(self) -> bool:
        """Return True if entity is available."""
-        return super().available or self.native_value is not None
+        return super().available or self._restored_data is not None
@@ -1,5 +1,7 @@
 """The AccuWeather component."""

+from __future__ import annotations
+
 import asyncio
 import logging

@@ -1,5 +1,7 @@
 """Adds config flow for AccuWeather."""

+from __future__ import annotations
+
 from asyncio import timeout
 from collections.abc import Mapping
 from typing import TYPE_CHECKING, Any
@@ -1,5 +1,7 @@
 """Constants for AccuWeather integration."""

+from __future__ import annotations
+
 from datetime import timedelta
 from typing import Final

@@ -1,5 +1,7 @@
 """The AccuWeather coordinator."""

+from __future__ import annotations
+
 from asyncio import timeout
 from collections.abc import Awaitable, Callable
 from dataclasses import dataclass
@@ -1,5 +1,7 @@
 """Diagnostics support for AccuWeather."""

+from __future__ import annotations
+
 from typing import Any

 from homeassistant.components.diagnostics import async_redact_data
@@ -1,5 +1,7 @@
 """Support for the AccuWeather service."""

+from __future__ import annotations
+
 from collections.abc import Callable
 from dataclasses import dataclass
 from typing import Any, cast
@@ -1,5 +1,7 @@
 """Provide info to system health."""

+from __future__ import annotations
+
 from typing import Any

 from accuweather.const import ENDPOINT
@@ -1,5 +1,7 @@
 """Support for the AccuWeather service."""

+from __future__ import annotations
+
 from typing import cast

 from homeassistant.components.weather import (
@@ -1,5 +1,7 @@
 """Use serial protocol of Acer projector to obtain state of the projector."""

+from __future__ import annotations
+
 from typing import Final

 from homeassistant.const import STATE_OFF, STATE_ON
@@ -5,5 +5,5 @@
  "documentation": "https://www.home-assistant.io/integrations/acer_projector",
  "iot_class": "local_polling",
  "quality_scale": "legacy",
-  "requirements": ["serialx==1.8.0"]
+  "requirements": ["serialx==1.4.1"]
 }
@@ -1,5 +1,7 @@
 """Use serial protocol of Acer projector to obtain state of the projector."""

+from __future__ import annotations
+
 import logging
 import re
 from typing import Any
@@ -1,5 +1,7 @@
 """Config flow for Rollease Acmeda Automate Pulse Hub."""

+from __future__ import annotations
+
 from asyncio import timeout
 from contextlib import suppress
 from typing import Any
@@ -1,5 +1,7 @@
 """Support for Acmeda Roller Blinds."""

+from __future__ import annotations
+
 from typing import Any

 from homeassistant.components.cover import (
@@ -1,5 +1,7 @@
 """Base class for Acmeda Roller Blinds."""

+from __future__ import annotations
+
 import aiopulse

 from homeassistant.core import callback
@@ -1,5 +1,7 @@
 """Helper functions for Acmeda Pulse."""

+from __future__ import annotations
+
 from typing import TYPE_CHECKING

 from aiopulse import Roller
@@ -1,5 +1,7 @@
 """Code to handle a Pulse Hub."""

+from __future__ import annotations
+
 import asyncio
 from collections.abc import Callable

@@ -1,5 +1,7 @@
 """Support for Acmeda Roller Blind Batteries."""

+from __future__ import annotations
+
 from homeassistant.components.sensor import SensorDeviceClass, SensorEntity
 from homeassistant.const import PERCENTAGE
 from homeassistant.core import HomeAssistant, callback
@@ -1,5 +1,7 @@
 """Support for Actiontec MI424WR (Verizon FIOS) routers."""

+from __future__ import annotations
+
 import re
 from typing import Final

@@ -1,5 +1,7 @@
 """Support for Actiontec MI424WR (Verizon FIOS) routers."""

+from __future__ import annotations
+
 import logging
 from typing import Final

@@ -147,7 +147,7 @@ class ActronSystemClimate(ActronAirAcEntity, ActronAirClimateEntity):
    @property
    def target_temperature(self) -> float:
        """Return the target temperature."""
-        return self._status.user_aircon_settings.current_setpoint
+        return self._status.user_aircon_settings.temperature_setpoint_cool_c

    @actron_air_command
    async def async_set_fan_mode(self, fan_mode: str) -> None:
@@ -239,7 +239,7 @@ class ActronZoneClimate(ActronAirZoneEntity, ActronAirClimateEntity):
    @property
    def target_temperature(self) -> float | None:
        """Return the target temperature."""
-        return self._zone.current_setpoint
+        return self._zone.temperature_setpoint_cool_c

    @actron_air_command
    async def async_set_hvac_mode(self, hvac_mode: HVACMode) -> None:
@@ -6,12 +6,7 @@ from typing import Any

 from actron_neo_api import ActronAirAPI, ActronAirAuthError

-from homeassistant.config_entries import (
-    SOURCE_REAUTH,
-    SOURCE_RECONFIGURE,
-    ConfigFlow,
-    ConfigFlowResult,
-)
+from homeassistant.config_entries import SOURCE_REAUTH, ConfigFlow, ConfigFlowResult
 from homeassistant.const import CONF_API_TOKEN
 from homeassistant.exceptions import HomeAssistantError

@@ -110,14 +105,6 @@ class ActronAirConfigFlow(ConfigFlow, domain=DOMAIN):
                data_updates={CONF_API_TOKEN: self._api.refresh_token_value},
            )

-        # Check if this is a reconfigure flow
-        if self.source == SOURCE_RECONFIGURE:
-            self._abort_if_unique_id_mismatch(reason="wrong_account")
-            return self.async_update_reload_and_abort(
-                self._get_reconfigure_entry(),
-                data_updates={CONF_API_TOKEN: self._api.refresh_token_value},
-            )
-
        self._abort_if_unique_id_configured()
        return self.async_create_entry(
            title=user_data.email,
@@ -151,20 +138,6 @@ class ActronAirConfigFlow(ConfigFlow, domain=DOMAIN):

        return self.async_show_form(step_id="reauth_confirm")

-    async def async_step_reconfigure(
-        self, user_input: dict[str, Any] | None = None
-    ) -> ConfigFlowResult:
-        """Handle reconfiguration request."""
-        return await self.async_step_reconfigure_confirm()
-
-    async def async_step_reconfigure_confirm(
-        self, user_input: dict[str, Any] | None = None
-    ) -> ConfigFlowResult:
-        """Confirm reconfiguration dialog."""
-        if user_input is not None:
-            return await self.async_step_user()
-        return self.async_show_form(step_id="reconfigure_confirm")
-
    async def async_step_connection_error(
        self, user_input: dict[str, Any] | None = None
    ) -> ConfigFlowResult:
@@ -1,5 +1,7 @@
 """Coordinator for Actron Air integration."""

+from __future__ import annotations
+
 from dataclasses import dataclass
 from datetime import timedelta

@@ -1,5 +1,7 @@
 """Diagnostics support for Actron Air."""

+from __future__ import annotations
+
 from typing import Any

 from homeassistant.components.diagnostics import async_redact_data
@@ -60,7 +60,7 @@ rules:
  entity-translations: done
  exception-translations: done
  icon-translations: done
-  reconfiguration-flow: done
+  reconfiguration-flow: todo
  repair-issues:
    status: exempt
    comment: This integration does not have any known issues that require repair.
@@ -4,8 +4,7 @@
      "already_configured": "[%key:common::config_flow::abort::already_configured_account%]",
      "oauth2_error": "Failed to start authentication flow",
      "reauth_successful": "[%key:common::config_flow::abort::reauth_successful%]",
-      "reconfigure_successful": "[%key:common::config_flow::abort::reconfigure_successful%]",
-      "wrong_account": "You must authenticate with the same Actron Air account that was originally configured."
+      "wrong_account": "You must reauthenticate with the same Actron Air account that was originally configured."
    },
    "error": {
      "oauth2_error": "Failed to start authentication flow. Please try again later."
@@ -23,10 +22,6 @@
        "description": "Your Actron Air authentication has expired. Select continue to reauthenticate with your Actron Air account. You will be prompted to log in again to restore the connection.",
        "title": "Authentication expired"
      },
-      "reconfigure_confirm": {
-        "description": "Reconfigure your Actron Air account. You will be prompted to log in again. Note: you must use the same account that was originally configured.",
-        "title": "Reconfigure Actron Air"
-      },
      "timeout": {
        "data": {},
        "description": "The authentication process timed out. Please try again.",
@@ -1,5 +1,7 @@
 """The Adax integration."""

+from __future__ import annotations
+
 from homeassistant.const import Platform
 from homeassistant.core import HomeAssistant

@@ -1,5 +1,7 @@
 """Support for Adax wifi-enabled home heaters."""

+from __future__ import annotations
+
 from typing import Any, cast

 from adax import Adax
@@ -1,5 +1,7 @@
 """Config flow for Adax integration."""

+from __future__ import annotations
+
 import logging
 from typing import Any

@@ -1,5 +1,7 @@
 """Support for Adax energy sensors."""

+from __future__ import annotations
+
 from dataclasses import dataclass
 from typing import cast

@@ -1,5 +1,7 @@
 """Support for AdGuard Home."""

+from __future__ import annotations
+
 from dataclasses import dataclass

 from adguardhome import AdGuardHome, AdGuardHomeConnectionError
@@ -1,5 +1,7 @@
 """Config flow to configure the AdGuard Home integration."""

+from __future__ import annotations
+
 from typing import Any

 from adguardhome import AdGuardHome, AdGuardHomeConnectionError
@@ -1,5 +1,7 @@
 """AdGuard Home base entity."""

+from __future__ import annotations
+
 from adguardhome import AdGuardHomeError

 from homeassistant.config_entries import SOURCE_HASSIO
@@ -1,5 +1,7 @@
 """Support for AdGuard Home sensors."""

+from __future__ import annotations
+
 from collections.abc import Callable, Coroutine
 from dataclasses import dataclass
 from datetime import timedelta
@@ -79,12 +79,6 @@
  "exceptions": {
    "config_entry_not_loaded": {
      "message": "Config entry not loaded."
-    },
-    "error_while_turn_off": {
-      "message": "An error occurred while turning off AdGuard Home switch."
-    },
-    "error_while_turn_on": {
-      "message": "An error occurred while turning on AdGuard Home switch."
    }
  },
  "services": {
@@ -1,5 +1,7 @@
 """Support for AdGuard Home switches."""

+from __future__ import annotations
+
 from collections.abc import Callable, Coroutine
 from dataclasses import dataclass
 from datetime import timedelta
@@ -9,11 +11,10 @@ from adguardhome import AdGuardHome, AdGuardHomeError

 from homeassistant.components.switch import SwitchEntity, SwitchEntityDescription
 from homeassistant.core import HomeAssistant
-from homeassistant.exceptions import HomeAssistantError
 from homeassistant.helpers.entity_platform import AddConfigEntryEntitiesCallback

 from . import AdGuardConfigEntry, AdGuardData
-from .const import DOMAIN
+from .const import DOMAIN, LOGGER
 from .entity import AdGuardHomeEntity

 SCAN_INTERVAL = timedelta(seconds=10)
@@ -117,23 +118,17 @@ class AdGuardHomeSwitch(AdGuardHomeEntity, SwitchEntity):
        """Turn off the switch."""
        try:
            await self.entity_description.turn_off_fn(self.adguard)()
-        except AdGuardHomeError as err:
+        except AdGuardHomeError:
+            LOGGER.error("An error occurred while turning off AdGuard Home switch")
            self._attr_available = False
-            raise HomeAssistantError(
-                translation_domain=DOMAIN,
-                translation_key="error_while_turn_off",
-            ) from err

    async def async_turn_on(self, **kwargs: Any) -> None:
        """Turn on the switch."""
        try:
            await self.entity_description.turn_on_fn(self.adguard)()
-        except AdGuardHomeError as err:
+        except AdGuardHomeError:
+            LOGGER.error("An error occurred while turning on AdGuard Home switch")
            self._attr_available = False
-            raise HomeAssistantError(
-                translation_domain=DOMAIN,
-                translation_key="error_while_turn_on",
-            ) from err

    async def _adguard_update(self) -> None:
        """Update AdGuard Home entity."""
@@ -1,5 +1,7 @@
 """AdGuard Home Update platform."""

+from __future__ import annotations
+
 from datetime import timedelta
 from typing import Any

@@ -1,5 +1,7 @@
 """Support for ADS binary sensors."""

+from __future__ import annotations
+
 import pyads
 import voluptuous as vol

@@ -1,5 +1,7 @@
 """Support for Automation Device Specification (ADS)."""

+from __future__ import annotations
+
 from enum import StrEnum
 from typing import TYPE_CHECKING

@@ -1,5 +1,7 @@
 """Support for ADS covers."""

+from __future__ import annotations
+
 from typing import Any

 import pyads
@@ -1,5 +1,7 @@
 """Support for ADS light sources."""

+from __future__ import annotations
+
 from typing import Any

 import pyads
@@ -106,8 +108,7 @@ class AdsLight(AdsEntity, LightEntity):
        self._attr_supported_color_modes = filter_supported_color_modes(color_modes)
        self._attr_color_mode = next(iter(self._attr_supported_color_modes))

-        # Set color temperature range
-        # (static config values take precedence over defaults)
+        # Set color temperature range (static config values take precedence over defaults)
        if ads_var_color_temp_kelvin is not None:
            self._attr_min_color_temp_kelvin = (
                min_color_temp_kelvin
--- a/Show More
+++ b/Show More
@@ -1 +1 @@
 .14.4
 .14.3